Azure Authentication Mechanism

Question

I have an App Service with a Mobile App in Azure cloud platform. The backend API is made using the Easy APIs in Node.js. In the same Resource Group there is also a SQL Server and a SQL Database. The client applications(Android,iOS and a Web app in Angular, PHP or Python) have to authenticate in order to call the API apps.

I am very confused regarding the authentication mechanisms. I want to make a login page for my users in the iOS, Android and Web application but I don't know how to design the authentication mechanism. Potential users will be all the clients who download the mobile applications and a few premium clients.

Should I pick the Azure Active Directory solution or should I make my implementation using the database as storage?

Answer 1

Actually, Azure Mobile Apps in Node.js backend are express.js applications running on Azure App Services. And the Mobile-Apps-SDK in a middleware of express.js. So it depends your requirement. The default authentication mechanism in mobile-apps-sdk is implemented via Azure gateway auth. Also you can implement your own custom auth.

If you have control over your mobile app and you want to just use the regular Facebook, Twitter, Google and Microsoft sign-in controls, then use the Azure gateway available in Azure Mobile Apps to get a mobile apps token. There are controls available for iOS, Android, Apache Cordova and Xamarin. You can also do a redirect to use the web. You can refer to Add authentication to your Android app

Otherwise, you can custom authentication and can provide your own token generator. You can use a third party authentication provider like Auth0.

You can refer to https://shellmonger.com/2015/10/06/azure-mobile-apps-nodejs-and-authentication/ for more information.